local AccessPermissionFilter = Class("com.ea.filter.AccessPermissionFilter")
----local logger=logger;

--[[检查URL地址是否允许访问列表中，即config的permitURL中]]
function AccessPermissionFilter:init()
end

function AccessPermissionFilter:doFilter(request,response)

  local appConfig=luastar_context.loadJsonConfig("config");
  local _str=string.sub(ngx.var.uri,-3,-1)
  local wholeUrl=ngx.var.uri
  if _str==".do" then
      wholeUrl=string.sub(ngx.var.uri,1,-4)
  end 
    
  local isPermitURL =false;
  for i,v in pairs (appConfig.permitURL) do
        if wholeUrl==v then
          if ngx.var.APP_DEBUG_LOG== "true" then ngx.log(ngx.DEBUG,logger.formatMsg(string.format("%s is permitted",wholeUrl))); end
          isPermitURL=true;
          break;
        end
         --if ngx.var.APP_DEBUG_LOG== "true" then ngx.log(ngx.DEBUG,logger.formatMsg(string.format(" need_login uri %s %s",i,v))); end
    end
    if isPermitURL==false then---URL地址不在访问列表中
          response:responseJson(cjson.encode({state=4020001,msg="您请求的URL禁止访问",data=nil}))
          ngx.log(ngx.INFO,logger.formatMsg(string.format("禁止访问URI:%s ",ngx.var.uri)));
         return false
    end    
  return true

end

return AccessPermissionFilter;
